WebApp Sec mailing list archives

Re: Apache VS IIS Securiyt model question

From: Alexander Morozov <amorozov () pisem net>
Date: Mon, 13 Sep 2004 00:25:26 +0400

AFAIK, currently apache doesn't support such a model,
that is what metuxmpm project is for, but it's still experimental.


On Fri, 10 Sep 2004 21:55:54 -0400
"mthompson" <mthompson () brinkster com> wrote:

Hello,

I am doing research and I am stuck. 

Pitch: In IIS there is the ability to set permissions on a per website
basis. In other words the ability to limit access to files and
directories based on the users credentials that the website is running
under. Additionally, you would in turn add this user to a group and
apply group permissions to an object that needed to be accessed by
more
than one site.

Question: Is there a similar security model for apache that would
allow
credentials from a user to run a virtual website and access files only
for a specific virtual site.

Also, does any one have a diagram of the apache process?

Thanks,

Mike

Current thread:

Apache VS IIS Securiyt model question mthompson (Sep 11)
- Re: Apache VS IIS Securiyt model question exon (Sep 12)
- RE: Apache VS IIS Securiyt model question Dinis Cruz (Sep 13)
- Re: Apache VS IIS Securiyt model question Ivan Ristic (Sep 13)
- Re: Apache VS IIS Securiyt model question Alexander Morozov (Sep 13)
- <Possible follow-ups>
- RE: Apache VS IIS Securiyt model question Ken Schaefer (Sep 15)
  - (Asp.Net Full Trust Vulnerabilities) RE: Apache VS IIS Security model question Dinis Cruz (Sep 15)
    - Re: (Asp.Net Full Trust Vulnerabilities) RE: Apache VS IIS Security model question Ken Schaefer (Sep 18)
    - RE: [Owasp-dotnet] Re: (Asp.Net Full Trust Vulnerabilities) RE: Apache VS IIS Security model question Dinis Cruz (Sep 21)